Unrated severityNVD Advisory· Published Nov 4, 2018· Updated Aug 5, 2024
CVE-2018-18927
CVE-2018-18927
Description
An issue was discovered in PublicCMS V4.0. It allows XSS by modifying the page_list "attached" attribute (which typically has 'class="icon-globe icon-large"' in its value), as demonstrated by an 'UPDATE sys_module SET attached = "[XSS]" WHERE id="page_list"' statement.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- github.com/sanluan/PublicCMS/issues/22mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.